DSACMS · natalialuzuriaga · Sep 17, 2025 · Sep 16, 2025 · Sep 16, 2025 · Sep 17, 2025
diff --git a/docs/metadata.md b/docs/metadata.md
@@ -74,6 +74,14 @@ We encourage agencies to contribute by [submitting an agency schema addition iss
       <td>Name of the project or software</td>
       <td></td>
     </tr>
+    <tr>
+      <td>version</td>
+      <td>optional</td>
+      <td>🇺🇸</td>
+      <td>str</td>
+      <td>The version for this release</td>
+      <td></td>
+    </tr>
     <tr>
       <td>description</td>
       <td>required</td>
@@ -169,6 +177,38 @@ We encourage agencies to contribute by [submitting an agency schema addition iss
         - private
       </td>
     </tr>
+    <tr>
+      <td>homepageURL</td>
+      <td>optional</td>
+      <td>🇺🇸</td>
+      <td>str</td>
+      <td>The URL of the public release homepage</td>
+      <td></td>
+    </tr>
+    <tr>
+      <td>downloadURL</td>
+      <td>optional</td>
+      <td>🇺🇸</td>
+      <td>str</td>
+      <td>The URL where a distribution of the release can be found</td>
+      <td></td>
+    </tr>
+    <tr>
+      <td>disclaimerURL</td>
+      <td>optional</td>
+      <td>🇺🇸</td>
+      <td>str</td>
+      <td>The URL where disclaimer language regarding the release can be found</td>
+      <td></td>
+    </tr>
+    <tr>
+      <td>disclaimerText</td>
+      <td>optional</td>
+      <td>🇺🇸</td>
+      <td>str</td>
+      <td>Short paragraph that includes disclaimer language to accompany the release</td>
+      <td></td>
+    </tr>
     <tr>
       <td>vcs</td>
       <td>required</td>
@@ -199,6 +239,14 @@ We encourage agencies to contribute by [submitting an agency schema addition iss
       <td>Measures frequency of code reuse in various forms</td>
       <td></td>
     </tr>
+    <tr>
+      <td>languages</td>
+      <td>required</td>
+      <td>🇺🇸</td>
+      <td>arr</td>
+      <td>Programming languages that make up the codebase</td>
+      <td></td>
+    </tr>
     <tr>
       <td>maintenance</td>
       <td>required</td>
@@ -220,6 +268,44 @@ We encourage agencies to contribute by [submitting an agency schema addition iss
       <td>Contract number</td>
       <td></td>
     </tr>
+    <tr>
+      <td>SBOM</td>
+      <td>required</td>
+      <td>🇺🇸</td>
+      <td>str</td>
+      <td>Link of the upstream repositories and dependencies used, in the form of a Software Bill of Materials/SBOM. If the software does not have a SBOM, enter 'None'. (i.e. Github provides an SBOM: https://github.com/$ORG_NAME/$REPO_NAME/network/dependencies)</td>
+      <td></td>
+    </tr>
+     <tr>
+      <td>relatedCode/name <br> relatedCode/URL <br> relatedCode/isGovernmentRepo</td>
+      <td>optional</td>
+      <td>🇺🇸</td>
+      <td>obj</td>
+      <td>An array of affiliated government repositories that may be a part of the same project</td>
+      <td>relatedCode for 'code-gov-front-end' would include 'code-gov-api' and 'code-gov-api-client'</td>
+    </tr>
+    <tr>
+      <td>reusedCode/name <br> reusedCode/URL</td>
+      <td>optional</td>
+      <td>🇺🇸</td>
+      <td>obj</td>
+      <td>An array of government source code, libraries, frameworks, APIs, platforms or other software used in this release</td>
+      <td>
+        - US Web Design Standards<br>
+        - cloud.gov<br>
+        - Federalist<br>
+        - Digital Services Playbook<br>
+        - Analytics Reporter<br>
+      </td>
+    </tr>
+    <tr>
+      <td>partners/name <br> partners/email</td>
+      <td>optional</td>
+      <td>🇺🇸</td>
+      <td>obj</td>
+      <td>An array of objects including an acronym for each agency partnering on the release and the contact email at such agency</td>
+      <td></td>
+    </tr>
     <tr>
       <td>date/created <br> date/lastModified date/metadataLastUpdated</td>
       <td>required</td>
@@ -324,6 +410,14 @@ Full schema can be found in [schema-2.0.0.json](../schemas/schema-2.0.0.json).
       <td>Name of the project or software</td>
       <td></td>
     </tr>
+    <tr>
+      <td>version</td>
+      <td>optional</td>
+      <td>🇺🇸</td>
+      <td>str</td>
+      <td>The version for this release</td>
+      <td></td>
+    </tr>
     <tr>
       <td>description</td>
       <td>required</td>
@@ -415,14 +509,6 @@ Full schema can be found in [schema-2.0.0.json](../schemas/schema-2.0.0.json).
       <td>The URL of the public release repository for open source repositories. This field is not required for repositories that are only available as government-wide reuse or are closed (pursuant to one of the exemptions). It can be listed as 'private' for repositories that are closed.</td>
       <td></td>
     </tr>
-    <tr>
-      <td>projectURL</td>
-      <td>optional</td>
-      <td><img src="../assets/cms-logo.jpg" alt="CMS Logo"></td>
-      <td>str</td>
-      <td>URL to landing page, demo, or production instance of project</td>
-      <td></td>
-    </tr>
     <tr>
       <td>repositoryHost</td>
       <td>required</td>
@@ -448,6 +534,38 @@ Full schema can be found in [schema-2.0.0.json](../schemas/schema-2.0.0.json).
         - public<br>
         - private
       </td>
+    </tr>
+        <tr>
+      <td>homepageURL</td>
+      <td>optional</td>
+      <td>🇺🇸</td>
+      <td>str</td>
+      <td>The URL of the public release homepage</td>
+      <td></td>
+    </tr>
+    <tr>
+      <td>downloadURL</td>
+      <td>optional</td>
+      <td>🇺🇸</td>
+      <td>str</td>
+      <td>The URL where a distribution of the release can be found</td>
+      <td></td>
+    </tr>
+    <tr>
+      <td>disclaimerURL</td>
+      <td>optional</td>
+      <td>🇺🇸</td>
+      <td>str</td>
+      <td>The URL where disclaimer language regarding the release can be found</td>
+      <td></td>
+    </tr>
+    <tr>
+      <td>disclaimerText</td>
+      <td>optional</td>
+      <td>🇺🇸</td>
+      <td>str</td>
+      <td>Short paragraph that includes disclaimer language to accompany the release</td>
+      <td></td>
     </tr>
     <tr>
       <td>vcs</td>
@@ -542,14 +660,52 @@ Full schema can be found in [schema-2.0.0.json](../schemas/schema-2.0.0.json).
         - none
       </td>
     </tr>
-        <tr>
+    <tr>
       <td>contractNumber</td>
       <td>required</td>
       <td>📜</td>
       <td>array</td>
       <td>Contract number</td>
       <td></td>
     </tr>
+    <tr>
+      <td>SBOM</td>
+      <td>required</td>
+      <td>🇺🇸</td>
+      <td>str</td>
+      <td>Link of the upstream repositories and dependencies used, in the form of a Software Bill of Materials/SBOM. If the software does not have a SBOM, enter 'None'. (i.e. Github provides an SBOM: https://github.com/$ORG_NAME/$REPO_NAME/network/dependencies)</td>
+      <td></td>
+    </tr>
+     <tr>
+      <td>relatedCode/name <br> relatedCode/URL <br> relatedCode/isGovernmentRepo</td>
+      <td>optional</td>
+      <td>🇺🇸</td>
+      <td>obj</td>
+      <td>An array of affiliated government repositories that may be a part of the same project</td>
+      <td>relatedCode for 'code-gov-front-end' would include 'code-gov-api' and 'code-gov-api-client'</td>
+    </tr>
+    <tr>
+      <td>reusedCode/name <br> reusedCode/URL</td>
+      <td>optional</td>
+      <td>🇺🇸</td>
+      <td>obj</td>
+      <td>An array of government source code, libraries, frameworks, APIs, platforms or other software used in this release</td>
+      <td>
+        - US Web Design Standards<br>
+        - cloud.gov<br>
+        - Federalist<br>
+        - Digital Services Playbook<br>
+        - Analytics Reporter<br>
+      </td>
+    </tr>
+    <tr>
+      <td>partners/name <br> partners/email</td>
+      <td>optional</td>
+      <td>🇺🇸</td>
+      <td>obj</td>
+      <td>An array of objects including an acronym for each agency partnering on the release and the contact email at such agency</td>
+      <td></td>
+    </tr>
     <tr>
       <td>date/created <br> date/lastModified date/metadataLastUpdated</td>
       <td>required</td>
@@ -653,7 +809,7 @@ Full schema can be found in [schema-2.0.0.json](../schemas/schema-2.0.0.json).
       <td></td>
     </tr>
     <tr>
-      <td>project</td>
+      <td>projects</td>
       <td>required</td>
       <td><img src="../assets/cms-logo.jpg" alt="CMS Logo"></td>
       <td>arr</td>
@@ -669,14 +825,6 @@ Full schema can be found in [schema-2.0.0.json](../schemas/schema-2.0.0.json).
       <td>IDR, PECOS</td>
     </tr>
     <tr>
-      <td>upstream</td>
-      <td>optional</td>
-      <td><img src="../assets/cms-logo.jpg" alt="CMS Logo"></td>
-      <td>arr</td>
-      <td>Link of the upstream repositories and dependencies used, in the form of a Software Bill of Materials/SBOM (https://github.com/$ORG_NAME/$REPO_NAME/network/dependencies)</td>
-      <td>augur, uswds</td>
-    </tr>
-        <tr>
       <td>subsetInHealthcare</td>
       <td>required</td>
       <td><img src="../assets/cms-logo.jpg" alt="CMS Logo"></td>

diff --git a/docs/procedures.md b/docs/procedures.md
@@ -5,15 +5,21 @@ The CMS Open Source Program Office developed various tools that can automate det
 > **Learn more about our SHARE IT Act tools**: https://dsacms.github.io/share-it-act-lp/
 
 **Procedures for Project Teams**:
+
 [Creating a code.json file in your repository](#creating-a-codejson-file-in-your-repository)
 - [code.json generator form site](#using-form-site)
 - [automated-codejson-generator GitHub Action](#using-automated-codejson-generator)
 - [repo-scaffolder](#using-repo-scaffolder)
 
-***Procedures for Agencies**:
+**Procedures for Agencies**:
+
 [Generate an agency-index.json file for submission](#generate-an-agency-indexjson-file-for-agencies)
 - [codejson-index-generator](#using-codejson-index-generator)
 
+[Tools created by other teams and agencies](#tools-created-by-other-teams-and-agencies)
+- [CMS CMCS](#cms-cmcs-codejson-aggregator)
+- [CDC](#cdc-share-it-act-repository-scanner-tool)
+
 
 ## Creating a code.json file in your repository
 
@@ -23,7 +29,6 @@ The CMS Open Source Program Office developed various tools that can automate det
 Users can fill out a web form that creates a code.json file to be uploaded to a project's source code repository: https://dsacms.github.io/codejson-generator.
 
 
-
 ### Using automated-codejson-generator
 *This method works best for repositories hosted on GitHub with GitHub Actions enabled.*
 
@@ -143,3 +148,18 @@ python main.py --agency AGENCY_NAME --orgs "org1,org2" --output code.json --vers
 ```bash
 python3 main.py --agency CMS --orgs "DSACMS,CMSgov,CMS-Enterprise" --output code.json --version 1.0.0
 ```
+
+## Tools created by other teams and agencies
+
+Below are tools other teams and agencies developed to create a consolidated software inventory for the SHARE IT Act. They include methods to retrieve necessary metadata from private and internal repositories.
+
+### CMS CMCS code.json aggregator
+
+mac-fc-aggregate-codejson aggregates code.json files from all private and internal repositories in a GitHub organization.
+https://github.com/Enterprise-CMCS/mac-fc-aggregate-code-json
+
+## CDC SHARE IT Act Repository Scanner Tool
+
+The CDC SHARE IT Act Repository Scanner Tool gathers and consolidates repository metadata from various code environments by generating code.json files in all repositories, having project teams review and correct information for accuracy, then creating an index file containing all aggregated code.json metadata.
+- https://github.com/CDCgov/ShareIT-Act
+- https://github.com/OCIO-ricky/ShareITAct_RepoScanning